Background

Now, there is more and more WLAN in the world. How to only let the right users access into WLAN is very important for WLAN carrier. So they always want to build a 802.1x based WLAN.

Network Architecture

In WLAN, notebook with a wireless card is the users.

Access Point (AP) is access device for the users. They are always connected to LAN.

RADIUS server is connected to AP via AP.

Notebook settings

Because Microsoft's 802.1x client is NOT standard, users have to install a standard 802.1x client software. Now, there are many kinds of standard 802.1x client software, they are:

• AEGIS Client
• Odyssey Client
• Xsupplicant
• open1x

Users shall install a standard 802.1x client software, and then they can just start by inputting their username/password that provided by WLAN carrier. They shall choose MD5-Challenge as 802.1x protocol.MD5-Challenge is the easiest and most popular 802.1x protocol because it need no certificates creation, distribution and configuration.

Note: Users shall disable Windows's IEEE 802.1x authentication if they use Windows XP.

AP settings

You shall choose an AP, such as Cisco 1231, with 802.1x feature and choose EAP Authentication at IEEE802.1x.

You shall also enable AP's DHCP, thus users can get an IP address from AP.

Surely, you shall configure RADIUS server at the AP.

RADIUS server settings

RADIUS server will authenticate all users with their username/password. If you choose WinRadius, it will be an easy job. What you shall do is just add some users.

Summary

In fact, to build a 802.1x based WLAN is very easy.